Only if your contributors are hackers!
If hackers want to hack you, they will hack you... Simple as that.
I dont know if you are into LulzSec(LulzBoat) Group, they hacked Sony,FBI and many more, for the lulz! They did big damage to Sony!
Backup! Backup!

Well, it was shown that Sony had some really silly security practices. Also, they were running outdated software which suggests at least one way to stay safer than even Sony: keep your software up to date.

Hmm, that's actually probably limited in a php.ini file on your server by default though the actual value may vary. I haven't dealt with that stuff for a long time so I forgot about that, and a search reminded me.

So yeah.. I think it's already limited, but if you want to adjust it you should modify an upload_max_filesize value in an /etc/php/php.ini file on your server (not the same exact path everywhere though, and will also be a bit different if it is a Windows server). If you don't have access to it you can ask your host, but the limit may already be fine in which case you don't have to do anything.